Cloud can help ease burden of GDPR compliance for businesses, Google execs claim

Matthew Finnegan |
May 8, 2017

Google commits to GDPR compliance ahead of May 2018 deadline.

The General Data Protection Regulation (GDPR) is fast approaching but with significant resource investment required, many organisations are struggling to meet the May 2018 deadline. According to Google executives, moving data to the cloud will help take some of the pain out of upgrading security practices and data protection standards in line with the regulations.

GDPR is the biggest change to data protection regulations in two decades, and is a major challenge for many businesses. A survey from analyst firm Gartner released yesterday showed that around half of those affected by the legislation - whether in the EU or outside - will not be in full compliance when the regulations take effect.

At Google's Cloud Next event in London on Wednesday, the cloud provider announced that its portfolio of Cloud Platform and G Suite products will be fully compliant with the incoming regulations, with data protection capabilities 'built-in' to its services.

"Our security capabilities really help you with your compliance obligations," Brian Stevens, vice president of Cloud Platforms at Google Cloud, told the 4,500 attendees. "In the US we were just selected to go through the accelerator process for FedRamp, we have been offering model contract clauses in Europe for a long period of time and the underlying work we have been doing will set us up for getting ready to commit to GDPR when it roles out in May of next year."

The announcement follows similar moves by the other 'top three' cloud providers - Amazon Web Services and Microsoft Azure - which have also committed to GDPR compliance in order to support customers operating in the EU.

Google has already launched a number of services aimed at helping improve data protection and security practices, such as its Data Loss Protection API, which redacts sensitive information stored in its G Suite products, and Google Vault for data archiving in Google Drive.

According to Bill Hippenmeyer, head of Cloud Customer Engineering for EMEA, moving data to the cloud can help ease the burden faced by senior IT leaders, many of whom see GDPR as their top priority.

He told Computerworld UK: "We talk a lot with the legal teams and chief information security officers of European companies and I think everybody has concerns over a couple of things. [For example] 'can we even comply with the standards we have and if we do, what is the level of effort and resource investment to do that compliance?'"

"That is where they see an advantage in going cloud, they can offload that responsibility and reutilise those critical skills to be focused on other aspects of securing their infrastructure. So I think they see it as an accelerator.